Re: HTML Form Protocol Attack

From: Barnaby Gray (bgrg2at_private)
Date: Thu Aug 16 2001 - 05:04:26 PDT

    On Wed, Aug 15, 2001 at 11:04:49PM -0400, Jim Paris wrote:
    > > You're right, after attempting again I managed to get it to login to my
    > > FTP server, but ftp was not the best protocol to try it on considering
    > > the way data back from the server is sent, which there's no way of
    > > fiddling.
    > 
    > I'm not sure what you mean by this, but:
    
    What I meant is that to get any useful data back over the FTP DATA
    connection (for LIST, RETR, STOR commands, etc.) you either have to
    use a passive mode transfer, in which case you need to get another
    connection to connect to an arbitrary port on the server, or an
    active mode transfer, in which case you need to be able to listen on a
    port specified in the PORT command. I believe this is a risk for
    tunneling back through firewalls, as pointed out by others with the
    recent Linux 2.4 iptables PORT problems.
    
    Barnaby
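
Both data-connection modes mentioned in the message above carry the endpoint as six decimal numbers, h1,h2,h3,h4,p1,p2 (RFC 959). As an added example, not part of the original post, the following Python decodes that field and applies a check an FTP server or firewall helper could make on a PORT command; the function names, the policy, the parenthesized 227 reply form and the sample addresses are assumptions of the example.

```python
import ipaddress
import re

# RFC 959 host-port field: h1,h2,h3,h4,p1,p2 (six decimal octets).
_HOSTPORT = re.compile(r"\d{1,3}(?:,\d{1,3}){5}")


def parse_hostport(field):
    """Decode 'h1,h2,h3,h4,p1,p2' into (IPv4Address, port)."""
    field = field.strip()
    if not _HOSTPORT.fullmatch(field):
        raise ValueError("expected h1,h2,h3,h4,p1,p2")
    nums = [int(n) for n in field.split(",")]
    if any(n > 255 for n in nums):
        raise ValueError("octet out of range")
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    return ip, nums[4] * 256 + nums[5]


def parse_pasv_reply(line):
    """Passive mode: the server's 227 reply names where the client connects."""
    m = re.match(r"227 .*\(([\d,]+)\)", line.strip())
    if not m:
        raise ValueError("not a 227 reply with a parenthesized host-port")
    return parse_hostport(m.group(1))


def check_port_command(line, control_peer_ip):
    """Active mode: decide whether a client's PORT command is acceptable.

    Policy (assumed for this example): the data endpoint must be the host
    at the other end of the control connection, and the port must be
    unprivileged. Returns (allowed, reason).
    """
    verb, _, arg = line.strip().partition(" ")
    if verb.upper() != "PORT":
        return False, "not a PORT command"
    try:
        ip, port = parse_hostport(arg)
    except ValueError as exc:
        return False, f"malformed: {exc}"
    if ip != ipaddress.IPv4Address(control_peer_ip):
        return False, f"address {ip} is not the control peer"
    if port < 1024:
        return False, f"port {port} is privileged"
    return True, f"data connection to {ip}:{port}"
```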
    


